How To Manage Certificates In The EUCC Framework – A Possible Approach For Assurance Continuity After The Issuance Of The Certificate (A31b)
EUCC poses new requirements to the baseline CCRA/SOGIS MRA assurance continuity procedure and makes monitoring of certificate conformity and vulnerabilities of certified products obligatory. Suspension...
Where Is The Best Place To Write New Security Requirement? (A31a)
With the changes in the EU around CRA, EUCC and related security legislation that is mandating security certifications, it is becoming confusing as to where...
Panel Discussion: iTC’s Lessons From The Past, Working In The Present, And Hopes For The Future (U30b)
This expert panel of iTC leads will look at how iTCs originally formed, how they have been performing, and plans for the future. The panel...
Dedicated Security Components iTC Update (U30a)
The Dedicated Security Component collaborative Protection Profile (DSC cPP) plays a critical role in demonstrating up-to-date cryptographic requirements within a Protection Profile and has strong...
Leveraging Common Criteria To Align With IEC 62443 (M30c)
This talk presents a structured approach to applying Common Criteria (ISO/IEC 15408) to railway industrial control systems, aligning with IEC 62443-4-1 secure development practices and...
Addressing The Real World: Challenges In Defining A WSCA Protection Profile For An Existing Ecosystem (M30b)
CEN TC 224 WG17 is developing a Protection Profile (PP) for Wallet Secure Cryptographic Applications (WSCAs) within the framework of the European Digital Identity (EUDI)....
Architecture-Aware Packages For High-Assurance Physical Security (M30a)
Physical security is a foundational requirement for high-assurance (e.g. EAL6) TOEs that must withstand sophisticated physical and fault-injection attacks. Effective protection arises from a coordinated...
Improving CC Evaluation Efficiency Through MAL (A30c)
Threat modeling identifies potential vulnerabilities, improving Common Criteria (CC) evaluation objectivity and consistency. By automating threat modeling, CC evaluations reduce time and cost while becoming...
Enhancing Vulnerability Assessment In Common Criteria Through Threat Centric Models (A30b)
CC evaluations often lack resilience against APTs, zero-days, and AI-assisted attacks due to VA models and the level of assessment assumptions. This paper critiques current...
Thinking Backwards. A Proposal From CB Perspective For AVA Continuous Improvement (A30a)
AVA activities should be based on a comprehensive analysis of TOE documentation. “Backwards” tracking of the activities conducted by the laboratory for the AVA_VAN...